3 matches found
CVE-2014-2274
Cross-site request forgery CSRF vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via a request to the...
CVE-2014-2274
Cross-site request forgery CSRF vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via a request to the...
CVE-2014-2274
CVE-2014-2274 affects the WordPress plugin “Subscribe To Comments Reloaded” (pre-140219). The vulnerability is a Cross-Site Request Forgery (CSRF) that allows remote attackers to hijack administrator authentication for requests that perform Cross-Site Scripting (XSS) via the subscribe-to-comments...